Chinese APT Cracks Microsoft Outlook Emails at 25 Government Agencies

Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability. [TechWeb]( Follow Dark Reading: [RSS]( July 13, 2023 LATEST SECURITY NEWS & COMMENTARY [Chinese APT Cracks Microsoft Outlook Emails at 25 Government Agencies]( Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability. [Hackers Target Chinese Gamers With Microsoft-Signed Rootkit]( Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools. [White House Urged to Quickly Nominate National Cyber Director]( A group of cybersecurity organizations is urging the White House to move with haste in nominating a new National Cyber Director, amid a complex and shifting threat landscape. [Hackers Exploit Policy Loophole in Windows Kernel Drivers]( Using open source tools, attackers target Chinese speakers with malicious drivers with expired certificates, potentially allowing for full system takeover. [Ransomware, From a Different Perspective]( A good backup strategy can be effective at mitigating a ransomware attack, but how many organizations consider that their backup data can also be targeted? [How to Put Generative AI to Work in Your Security Operations Center]( Generative AI is the cybersecurity resource that never sleeps. Here are some of the ways security-focused generative AI can benefit different members of the SOC team. [QuickBlox API Vulnerabilities Open Video, Chat Users to Data Theft]( QuickBlox users should update to the latest version of the platform in order to protect against several avenues of exploitation. [(Sponsored Article) Why Hybrid Work Has Made Secure Access So Complicated]( Employees now have the freedom to work wherever they want, which brings new challenges for security teams trying to protect data. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Apple's Rapid Zero-Day Patch Causes Safari Issues, Users Say]( Apple's emergency fix for a code-execution bug being actively exploited in the wild is reportedly buggy itself, and some indications point to the Cupertino giant halting patch rollouts. [Top Takeaways From Table Talks With Fortune 100 CISOs]( As organizations struggle to keep up with new regulations and hiring challenges, chief information security officers share common challenges and experiences. [Mastodon Patches 4 Bugs, but Is the Twitter Killer Safe to Use?]( Platform's independent server "instances" may have different security levels, creating potential for supply chain-like vulnerabilities. [MORE]( EDITORS' CHOICE [Microsoft Discloses 5 Zero-Days in Voluminous July Security Update]( Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office, .Net, and Azure Active Directory, among others. LATEST FROM DR TECHNOLOGY [Startup Spotlight: Mobb Aims to Be the Fixer]( The company, one of four finalists in this year's Black Hat USA Startup Spotlight competition, automates vulnerability remediation using AI. LATEST FROM THE EDGE [10 Features an API Security Service Needs to Offer]( Securing APIs is specialized work. Here's what organizations should look for when selecting an outside partner. LATEST FROM DR GLOBAL [APT35 Develops Mac Bespoke Malware]( Iran-linked APT35 group crafted specific Mac malware when targeting a member of the media with new tools to add backdoors. WEBINARS - [Finding a Backup Strategy That Works For You]( You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ... - [Finding the Right Role for Identity and Access Management in Your Enterprise]( End user credentials are essential to enabling your employees to gain access to the data and applications they need. Those credentials are also one of the most prized targets that attackers hope to gain. To enable user access and prevent ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Everything You Need to Know About DNS Attacks]( - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Firedome Integrates With Microsoft Defender for IoT to Enhance IoT Device Security, Using Microsoft Sentinel]( [Console & Associates, P.C. Investigates HCA Healthcare After Report of Data Breach Affecting an Estimated 11M Patients]( [(ISC)² Strengthens DEI Initiatives through Global Partnerships]( [Hackers Say Generative AI Unlikely to Replace Human Cybersecurity Skills According to Bugcrowd Survey]( [Less Than Half of SMBs Deploy Privileged Access Management]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)